Professional Documents
Culture Documents
CHAPTER ONE
INTRODUCTION
Stronger accountability;
Ethical, economical, efficient and effective operations;
Improved ability to address risks to achieve general control
objectives;
Better systems of responding to the needs of citizens; and
Quality outputs and outcomes and effective governance.
CHAPTER TWO
2.1
2.2
Safeguard assets;
Check accuracy and reliability of accounting data;
Ensure economical, efficient and effective operations;
Comply with laws and regulations; and
Adhere to managerial policies.
integrate internal controls that are cost efficient and are meant to prevent
unnecessary or overlapping effort, protect the operations against waste or
inefficient use of resources and ensure services that will lead to the
achievement of expected outputs and results.
2.4.4 Comply with Laws, Rules and Regulations. Government
operations conform to the basic tenet that powers and authorities of a
government office or agency are usually prescribed in the law creating
such office or agency. Powers of administrative agencies depend largely,
if not wholly, on the provisions of the statute creating or empowering such
agency. Management and operational compliance are among the things
evaluated to assess conformity with laws and other regulatory
requirements.
Similarly, [i]n government, the organizations, programs, activities,
and functions are usually created by law and are subject to specific rules
and regulations (Sec. 10 (a), Ch. 3, Title 1 - Government Auditing
Standards and Procedures, Volume III, GAAM, COA Circular 91-368,
19 December 1991).
In line with this, [a]ny public official or employee who shall apply
any government fund or property under his administration or control to
any use other than for which such fund or property is appropriated by law,
shall suffer the penalty imposed under the appropriate penal laws
(Chapter 7, Book VI, Title I, EO 292 or the Administrative Code of 1987).
2.4.5 Adhere to Managerial Policies. Managerial policies are
directives and courses of action given by the agency head or
management committee towards achieving defined objectives. They
provide guidance to personnel in the proper execution of the work of their
unit and individual tasks that collectively contribute to the attainment of
organizational goals. This particular objective is operationalized through
the mechanisms provided for under the Administrative Code of 1987. The
administrative relationships discussed under Section 38, Chapter 7, Book
IV of the Code provide the manner by which agency activities may be
controlled, supervised and coordinated.
a) Supervision and Control. This includes the authority to act
directly whenever a specific function is entrusted by law or regulation to a
subordinate; direct the performance of duty; restrain the commission of
acts; review, approve, reverse or modify acts and decisions of
13
14
CHAPTER THREE
COMPONENTS OF INTERNAL
CONTROL
15
Figure 1
Internal Control Framework
CONTROL ENVIRONMENT
18
management actions at all levels and ensure that operating activities are
performed within the standards prescribed in each system.
Human Resource Management System. This system
encompasses the processes from recruitment, retention, training,
supervision and discipline, until an employees severance from the
service either through retirement, resignation, or separation. Examples of
human resource policies found in existing laws are discussed in the
succeeding paragraphs.
Sec. 7, Chapter 2, Book V of the Administrative Code provides
that the Career Service shall be characterized by (1) entrance based on
merit and fitness to be determined as far as practicable by competitive
examination, or based on highly technical qualifications; (2) opportunity
for advancement to higher positions; and (3) security of tenure.
The merit and fitness principle does not end with the recruitment
process. Periodic and continuing review of the performance of officials
and employees have to be undertaken.
Sec. 33, Chapter I, Subtitle A, Title I, Book V of the Administrative
Code provides that there shall be established a performance evaluation
system (PES) which shall be administered in accordance with rules,
regulations and standards promulgated by the Civil Service Commission
(CSC), for all officers and employees in the first and second levels of the
career service. The PES is being implemented based on the principle of
performance-based security of tenure and provides motivation and basis
for incentives to performers and applies sanctions to non-performers.
For the third level of the career service, the Career Executive
Service Performance Evaluation System (CESPES) is in place. The
CESPES is a tool that provides for a periodic performance evaluation of
CESOs, CES eligibles, and incumbents of CES positions in various
departments and agencies of the national government, including in
GOCCs and GFIs. The Career Executive Service Board (CESB), created
through PD 1 dated 1 September 1972, is mandated to promulgate rules,
standards and procedures on the selection, classification, compensation
and career development of the members of the CES.
The performance and incentive mechanism is complemented by
the policy on discipline as provided under Section 46, Chapter 6, Subtitle
A, Title I, Book V of the Administrative Code of 1987 where it is stated
23
and interpreting the results thereof. As provided for under Sec. 41 of the
Code and as discussed in the objectives of internal control, [g]overnment
accounting shall aim to produce information concerning past operations
and present conditions; provide a basis for guidance for future operations;
provide for control of the acts of public bodies and officers in the receipt,
disposition and utilization of funds and property; and report on the
financial position and the results of operations of government agencies for
the information of all persons concerned.
In accordance with its Constitutional mandate to promulgate
accounting and auditing rules and regulations, the COA crafted the New
Government Accounting System, which is a simplified set of accounting
concepts, guidelines and procedures designed to correct, complete and
record in a timely manner all government financial transactions, and
produce accurate and relevant financial reports.
Quality Management Systems. As a commitment towards
establishing a national quality improvement system, the government
mandated the policy to [e]ncourage all sectors of the economy to aim for
optimum productivity and improved quality and shall recognize their
contribution to raising the quality of life for all, especially the
underprivileged (RA 9013, An Act Establishing the Philippine Quality
Award in Order to Encourage Organizations in Both the Private and
Public Sectors to Attain Excellence in Quality in the Production and/or
Delivery of Their Goods and Service, 28 February 2001).
Executive Order No. 605 dated February 23, 2007
(Institutionalizing the Structure, Mechanisms and Standards to Implement
the Government Quality Management Program) was issued to ensure
quality in the methods, systems and processes in government operations.
It directs all departments and agencies of the Executive Branch, including
all government-owned and/or -controlled corporations (GOCCs) and
government financial institutions (GFIs) to adopt ISO 9001:2000 (now ISO
9001:2008) Quality Management Systems as part of the implementation
of a Government-wide Quality Management Program.
In designing and implementing the quality management system,
public sector organizations should consider: [i]ts business environment,
changes in that environment, or risks associated with that environment;
its varying needs; its particular objectives; the products it provides; the
processes it employs; its size and organization structure (Section 0.1,
ISO 9000:2008 Quality Management System).
25
the Accounting unit and the General Services unit. This process will
address the risk of theft, pilferage or misuse of these resources.
3.1.3 Coherence of Policies. Internal controls, being integrated
in the processes or methods of operation of an agency, should be in
place within the organization and across organizations. Policies and
procedures of other public sector organizations, as well as private
entities providing public goods and services, must be compatible with
and complementary to the needs of the sector.
As examples, under the health sector, policies and standards of
the DOH on hospital and clinic operations should be consistently applied
and complementary with private hospitals and clinics, as well as by other
public service organizations providing health services. The Bureau of
Internal Revenue (BIR) should see to it that policies and practices of
withholding and collecting tax agents, whether in public organizations or
private entities, are consistent with those of the BIR. Failure to withhold
tax or delay of tax remittances by withholding and collecting tax agents
will directly affect the performance level of the BIR. To ensure
complementary policies and processes of withholding and collecting tax
agents, the BIR issues revenue regulations and regularly coordinates and
monitors compliance of these agents.
3.2
RISK ASSESSMENT
On the other hand, the internal context can include, but is not
limited to:
CONTROL ACTIVITIES
these are those discussed on pages 27 to 28. They are the response to a
risk designed to contain the uncertainty of an outcome that has been
identified. The procedures that an organization establishes to treat risks
are called internal control activities (INTOSAI Guidelines for Internal
Control Standards for the Public Sector). Once implemented, control
activities are absorbed and ingrained into the control environment of the
agency.
Control activities must be appropriate, cost effective,
comprehensive, reasonable and directly relate to the control objectives
and the agency mission. Appropriate means that the control activity is in
the right place and is commensurate to the risk involved. Cost effective
means the cost of implementation of the control activity should not
outweigh its benefits. Comprehensive and reasonable means that the
control activity directly relates to the control objectives. Finally, the control
activities should be doable and function consistent with the design or
plan. Implementation of control activities form part of the control
environment.
3.3.1 Risk Response. Responses to risks can be divided into
four categories. In some instances, risks can be transferred, tolerated or
terminated. However, in most instances, the risk will have to be treated.
Risk treatment is pertinent to internal controls because an
effective control system is the key to the treatment of risks that may
directly or indirectly prevent the achievement of the control objectives and
the attainment of an agencys mission. For some risks, the best response
is to transfer them. An example of a risk transfer is through insurance
coverage, that is, by paying a third party to take the risk in another way.
Another example of transferring a risk is through contractual stipulations.
Tolerating a risk is done when the ability to do something about it may
be limited, or the cost of taking any action is disproportionate to the
potential benefits that could be derived. There are also some risks which
could only be addressed or contained to acceptable levels by
terminating the activity.
There may also be instances when control measures may have to
be decreased to prevent bureaucratic red tape. This would depend on
the risk assessment results and after evaluating the effectiveness of the
controls even if a decrease is effected.
32
casual and temporary workers, shall file under oath their Statements of
Assets, Liabilities and Net Worth and a Disclosure of Business Interests
and Financial Connections and those of their spouses and unmarried
children under eighteen (18) years of age living in their households.
Identification and disclosure of relatives is likewise required under Section
8(B) thereof, which provides that [i]t shall be the duty of every public
official or employee to identify and disclose, to the best of his knowledge
and information, his relatives in the Government in the form, manner and
frequency prescribed by the Civil Service Commission.
Sec. 7 of RA 3019, Anti-Graft and Corrupt Practices Act,
provides that every public officer and employee shall prepare and file a
true detailed and sworn statement of assets and liabilities, including a
statement of the amounts and sources of his income, the amounts of his
personal and family expenses and the amount of income taxes paid for
the next preceding calendar year: x x x.
3.4.2 Communication. Effective communication should flow
down, across, and up the organization, throughout all components in the
entire structure. There should also be effective communication with
external individuals and organizations concerned. An agency and its
management must be kept up-to-date on the performance,
developments, risks and the functioning of internal controls, as well as
other relevant events and issues. An agency should ensure that there
are adequate means of communicating with, and obtaining information
from, external parties as external communications can provide inputs
that may have highly significant impact on the extent to which an agency
achieves its goals.
Towards this end, Section 8, Rule III, of the Rules Implementing
RA 6713 states that [g]overnment officials shall make themselves
available to their staff for consultation and dialogues. Sec. 5 thereof
provides that [e]very department, office and agency shall consult the
public they serve for the purpose of gathering feedback and suggestions
on the efficiency, effectiveness and economy of services. They shall
establish mechanisms to ensure the conduct of public consultations and
hearings.
Public service organizations are expected to [c]ommunicate
frequently with customers and other interested parties to ensure
continual understanding of their requirements, needs and expectations.
(Item 5.5.1, ISO 9000, Introduction and Support Package: Guidance on
36
38
40
Reference
Operating/Implementing
Bureaus, Regional and
Field Offices
1) Performance review and
improvement of
operations, processes
and activities; and
2) Compliance review and
improvement of
operations, processes
and activities.
1) Performance is
reviewed on a regular
basis. If actual
accomplishments do not
meet established
objectives or standards,
the processes and
activities established to
achieve the objectives
should be reviewed to
determine if
improvements are
needed; and
Management Division/
Management Unit
1)
Review whether
internal controls are
applied at all levels
within and across the
agency and sector; and
2)
Recommend measures
for management
improvement.
1)
Organizational
structure, manpower,
and operations;
2)
Existing methods,
systems and
procedures/processes;
and
3)
1) Institute process
improvements to meet
objectives or standards
to achieve efficiency
and effectiveness in
operations; and
2) Institute process
improvements to
achieve compliance with
regulations, policies,
procedures and other
requirements.
1) Appraise whether
controls are well
designed and properly
implemented; and
2) Determine the adequacy
of internal control or
whether it is achieving
the objectives.
1) Management audit and
operations performance
audit to determine the
extent of compliance;
2) Depends primarily on
the assessment of the
risks, the effectiveness
of the on-going
monitoring, and the
adequacy of internal
control; and
3) Takes place after the
fact and covers a
complete cycle of
operations to determine
the control effectiveness
over a specific time.
2) Operations, processes
and activities are
periodically reviewed to
ensure that they are in
compliance with current
regulations, policies,
processes and other
requirements.
Actions To Be Taken
1) Report management
review results to the
Financial &
Management Service
(FMS) Head;
2) Submit
recommendations for
management
improvement to the
FMS Head, as
necessary;
3) Conduct trainings on
the application of
improvements; and
4) Provide staff
supervision over the
implementation of
management
improvements.
41
APPENDIX 1
LIST OF REFERENCES